ad info
 
CNN.com  technology > computing
    Editions | myCNN | Video | Audio | Headline News Brief | Feedback  

 

  Search
  
 

  
TECHNOLOGY
TOP STORIES

Consumer group: Online privacy protections fall short

Guide to a wired Super Bowl

Debate opens on making e-commerce law consistent

(MORE)

TOP STORIES

More than 11,000 killed in India quake

Mideast negotiators want to continue talks after Israeli elections

(MORE)
[CNN Money] BUSINESS
Playing for Iraq's jackpot

Coke & smoke bite Dow

Sun Microsystems posts tiny profit

(MORE)

MARKETS
4:30pm ET, 4/16
DJIA
144.70
8257.60
NAS
3.71
1394.72
S&P
10.90
879.91
 
[SI.com] SPORTS
Jordan says farewell for the third time

Shaq could miss playoff game for child's birth

Ex-USOC official says athletes bent drug rules

(MORE)

> All Scoreboards
WEATHER
All cities
WORLD

Quake help not fast enough, says Indian PM
U.S.

Bush: No help from Washington for California power crunch
POLITICS

Bush signs order opening 'faith-based' charity office for business
LAW

Prosecutor says witnesses saw rap star shoot gun in club
ENTERTAINMENT

Can the second 'Survivor' live up to the first?
HEALTH

Heart doctors debate ethics of testing super-aspirin
TRAVEL

Nurses to aid ailing airline passengers
FOOD

Texas cattle quarantined after violation of mad-cow feed ban
ARTS & STYLE

Ceramist Adler adds furniture to his creations

(MORE HEADLINES)
MAINPAGE
WORLD
U.S.
WEATHER
BUSINESS
SPORTS
TECHNOLOGY
 *
computing
personal technology
SPACE
HEALTH
ENTERTAINMENT
POLITICS
LAW
CAREER
TRAVEL
FOOD
ARTS & STYLE
BOOKS
NATURE
IN-DEPTH
ANALYSIS
LOCAL
EDITIONS:
CNN.com Europe

 change default edition
MULTIMEDIA:
video
video archive
audio
multimedia showcase
more services
E-MAIL:
Subscribe to one of our news e-mail lists.
Enter your address:
 
DISCUSSION:
chat
feedback
CNN WEB SITES:
CNN Websites
CNNfyi.com
CNN.com Europe
AsiaNow
Spanish
Portuguese
German
Italian
Danish
Japanese
Chinese Headlines
Korean Headlines
TIME INC. SITES:
CNN NETWORKS:
Networks image
CNN anchors
transcripts
Turner distribution
SITE INFO:
help
contents
search
ad info
jobs
WEB SERVICES:

All-in-one security device

Image From...
 Network World Fusion

February 24, 2000
Web posted at: 8:42 a.m. EST (1342 GMT)

by Tim Greene

(IDG) -- Start-up RapidStream is making a box that combines the features of traditional firewalls, policy managers and encryption gear in a single device that promises to deliver higher throughput than the individual devices.

When it is released in June, the start-up's gear will let large enterprise customers consolidate multiple security functions on a single device, making security management easier. It will also prevent securityrelated packet processing from becoming a bottleneck.

The unnamed RapidStream equipment will operate at a top speed of 400M bit/sec when it is released in June, but its performance will improve to a gigabit per second over the course of the next year, CEO Vince Liu says.

That outstrips the speed of competitors by hundreds of megabits per second. For instance, Secure Computing's Sidewinder firewall tops out at 19.8M bit/sec, according to a Network World firewall performance test.

NetScreen makes a multifunction appliance such as RapidStream with a top speed of 400M bit/sec, but will announce gigabit speeds this spring.

RapidStream equipment is meant for the largest enterprises that already have perimeter security in place, but find they have higher bandwidth traffic than the security devices can handle, says Eric Hemmendinger, an analyst with Aberdeen Group, a network consultancy in Boston. The problem the large users face is that firewall and encryption software typically runs on generalpurpose computers that handle data at less than 50M bit/sec. "These are becoming choke points," he says.

MORE COMPUTING INTELLIGENCE
IDG.net   IDG.net home page
  Is it time for Internet cops?
  Does more security mean less privacy?
  Firewall performance tests
  IDG.net's network operating systems page
  Reviews & in-depth info at IDG.net
  E-BusinessWorld
  Year 2000 World
  Questions about computers? Let IDG.net's editors help you
  Subscribe to IDG.net's free daily newsletter for network experts
  Search IDG.net in 12 languages
  News Radio
  * Fusion audio primers
  * Computerworld Minute

RapidStream's devices sit next to a router or switch, and traffic flows through them via two Ethernet ports. The box is built around RapidCore, a custom processor that enforces network policies with minimal use of the box's CPU and internal bus. When traffic comes into the RapidStream device, RapidCore reads packets down to the application layer and decides what policies it should enforce on each packet.

For the first packet in a packet flow, this request for policy data is handled by the CPU and stored in memory in the RapidCore processor. When subsequent packets come in with identical headers, the RapidCore processor already knows what policies to enforce without sapping the CPU, Liu says.

Based on this policy data, RapidCore can enforce firewall policies, quality of service, load balancing, encryption and network address translation without bothering the CPU again.

Adding hardware accelerators to standard computers can off-load the actual encryption of data, but that requires multiple trips back and forth to the CPU before a packet leaves the box, Liu says. The CPU gets overloaded as well as the system bus when handling high volumes of traffic, he adds.

Liu is the veteran of two previous start-ups, Bridge Communications and Centrum Communications, which were both absorbed by 3Com. Liu also served stints as 3Com's vice president of operations and vice president of engineering.

RapidStream plans to announce product names and other details this spring and ship the products in June. The company is currently making up its beta-test list.


 RELATED STORIES:
Clinton fights hackers, with a hacker
February 15, 2000
Banks warned of impending Web attacks days before they happened
February 15, 2000
FBI follows Internet chat room leads in hacker probe
February 15, 2000
Web site attackers exploited Stanford computers
February 12, 2000
Consulting firm says its server was used to attack AOL
February 11, 2000
RELATED IDG.net STORIES:
Wipe out Web graffiti
(Network World Fusion)
Firewall performance tests
(Network World Fusion)
New hacking tools released to attack sites
(IDG.net)
Denial-of-service aftermath
(Computerworld)
Does more security mean less privacy?
(PC World)
Is it time for Internet cops?
(Infoworld)
Intrusion detection: a matter of taste
(Network World Fusion)
Locking your Windows
(PC World)
RELATED SITES:
RapidStream
Internet Auditing Project
Downloads: Firewalls
Note: Pages will open in a new browser window
External sites are not endorsed by CNN Interactive.
 Search   
Back to the top   © 2001 Cable News Network. All Rights Reserved.
Terms under which this service is provided to you.
Read our privacy guidelines.